﻿using MediatR;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Traceability.API.APPLications.Commands.Login;
using Traceability.API.Dtos;
using Traceability.ErrorCode;

namespace Traceability.API.Controllers
{
    /// <summary>
    /// 用户管理控制器
    /// </summary>
    [Route("api/[controller]/[action]")]
    [ApiController]
    public class ManController : ControllerBase
    {
        private readonly IMediator _mediator;

        /// <summary>
        /// 构造函数
        /// </summary>
        /// <param name="mediator">中介者模式处理器</param>
        public ManController(IMediator mediator)
        {
            _mediator = mediator;
        }

        /// <summary>
        /// 用户登录接口
        /// </summary>
        /// <remarks>
        /// 用户通过用户名和密码进行登录，登录成功后返回用户信息、角色信息和JWT访问令牌
        /// 
        /// 示例请求:
        /// 
        ///     POST /api/Man/Login
        ///     {
        ///        "userName": "admin",
        ///        "password": "123456"
        ///     }
        /// </remarks>
        /// <param name="command">登录命令，包含用户名和密码</param>
        /// <returns>登录响应结果，包含用户信息、角色信息和JWT令牌</returns>
        /// <response code="200">登录成功，返回用户信息和JWT令牌</response>
        /// <response code="400">登录失败，用户名或密码错误</response>
        /// <response code="500">服务器内部错误</response>
        [HttpPost]
        [ProducesResponseType(typeof(APIResult<LoginResponseDto>), 200)]
        [ProducesResponseType(typeof(APIResult<LoginResponseDto>), 400)]
        [ProducesResponseType(typeof(APIResult<LoginResponseDto>), 500)]
        public async Task<APIResult<LoginResponseDto>> Login([FromBody] LoginQueryCommand command)
        {
            return await _mediator.Send(command);
        }

        /// <summary>
        /// 获取当前登录用户信息
        /// </summary>
        /// <remarks>
        /// 需要JWT认证，从令牌中提取当前登录用户的详细信息
        /// 
        /// 需要在请求头中包含有效的JWT令牌:
        /// 
        ///     Authorization: Bearer {JWT_TOKEN}
        /// </remarks>
        /// <returns>当前登录用户的详细信息</returns>
        /// <response code="200">成功获取用户信息</response>
        /// <response code="401">未授权，需要有效的JWT令牌</response>
        [HttpGet]
        [Authorize]
        [ProducesResponseType(typeof(APIResult<object>), 200)]
        [ProducesResponseType(401)]
        public IActionResult GetCurrentUser()
        {
            var userId = User.FindFirst(System.Security.Claims.ClaimTypes.NameIdentifier)?.Value;
            var userName = User.FindFirst(System.Security.Claims.ClaimTypes.Name)?.Value;
            var role = User.FindFirst(System.Security.Claims.ClaimTypes.Role)?.Value;
            var userNickName = User.FindFirst("UserNickName")?.Value;

            var userInfo = new
            {
                UserId = userId,
                UserName = userName,
                Role = role,
                UserNickName = userNickName
            };

            return Ok(new APIResult<object>
            {
                Code = APIEnum.登录成功,
                Message = "获取用户信息成功",
                Data = userInfo
            });
        }

        /// <summary>
        /// 管理员专用接口
        /// </summary>
        /// <remarks>
        /// 需要管理员角色权限，只有具有管理员角色的用户才能访问此接口
        /// 
        /// 需要在请求头中包含有效的JWT令牌，且用户角色必须为"管理员":
        /// 
        ///     Authorization: Bearer {JWT_TOKEN}
        /// </remarks>
        /// <returns>管理员专用信息</returns>
        /// <response code="200">管理员权限验证成功</response>
        /// <response code="401">未授权，需要有效的JWT令牌</response>
        /// <response code="403">禁止访问，需要管理员角色权限</response>
        [HttpGet]
        [Authorize(Roles = "管理员")]
        [ProducesResponseType(typeof(APIResult<object>), 200)]
        [ProducesResponseType(401)]
        [ProducesResponseType(403)]
        public IActionResult AdminOnly()
        {
            return Ok(new APIResult<object>
            {
                Code = APIEnum.登录成功,
                Message = "管理员权限验证成功",
                Data = new { Message = "这是管理员专用接口" }
            });
        }
    }
}
